IT SOX Auditor

IT SOX Auditor (Hybrid)

Our client, a local distribution company that currently provides natural gas service to approximately two million people in Oregon and Southwest Washington, is looking for a skilled and motivated IT SOX Auditor for their Portland, Oregon location. This position requires a candidate who is experienced at defining, leading, and executing on the annual IT SOX Audit Plan, specifically the annual assessment of the design and effectiveness of the company's key IT SOX controls and testing of key reports which support internal controls over financial reporting. Regarding the annual IT SOX testing, this position will be responsible for independently and pro-actively managing relationships with key business partners consisting of the Company's business controls office, the Company's IT compliance office, and the Company's external auditors relative to the execution of IT SOX testing, while ensuring alignment with both management's and the external auditor's expectations. In addition, this position will be responsible for flexibly supporting IT operational audits and other related deliverables as a key member of the internal audit team.

This hybrid position is a full-time direct hire role. If you think this position aligns well with your professional experience, we would like to hear from you!

Key Responsibilities for IT SOX Auditor:

• Lead the development and execution of the annual IT SOX Audit Plan
• Execute and report on IT SOX testing, including testing of IT general controls, automated application controls, and key reports
• Plan, lead, perform, and document control walkthroughs to evaluate the design of IT general controls
• Evaluate the operating effectiveness of key IT SOX general controls and automated application controls through testing
• Perform baseline and benchmark testing of key SOX-relevant reports
• Develop detailed test steps and audit procedures for testing new IT general controls, automated application controls, and key reports
• Apply appropriate test procedures to existing IT SOX controls and reports to ensure key control attributes are adequately addressed
• Document SOX testing work thoroughly and accurately, providing high-quality audit evidence to support conclusions and facilitate efficient review
• Execute test work in compliance with external audit expectations to maximize reliance on internal SOX testing
• Drive cross-functional stakeholder engagement to ensure successful execution of, and alignment with, the annual IT SOX testing plan
• Identify, discuss, and validate potential control exceptions (e.g., SOX deficiencies and process improvement opportunities) in real time with key stakeholders in a professional and constructive manner
• Project manage IT SOX audit activities, ensuring timely execution, achievement of testing deadlines, and regular status reporting to stakeholders
• Support the IT Audit Program Manager and audit team by leading and performing IT operational audits, including:
• Develop risk-based IT audit scopes
• Lead, conduct, and document walkthroughs
• Develop, execute, and document audit testing procedures
• Draft audit findings, develop practical recommendations, and propose remediation actions
• Support internal and external audit activities related to the year-end financial statement audit by delivering required audit documentation and analyses
• Contribute to overall team effectiveness by performing additional responsibilities as assigned in support of departmental objectives and the annual audit plan

Requirements/Qualifications for IT SOX Auditor:

• Bachelor's degree in Information Systems, Computer Science, Accounting, or a related field
• Certified Information Systems Auditor (CISA) certification required; public accounting experience preferred
• Minimum of five (5) years of experience performing IT SOX audits
• Experience developing test work programs for new SOX controls, including both manual and automated controls
• Experience performing baseline and benchmark testing of key reports supporting internal controls over financial reporting
• Demonstrated ability to work independently, showing self-motivation and effective self-management with limited oversight
• Problem-solving skills and the ability to manage effectively through ambiguity
• Excellent organizational, project management, and time management skills, including the ability to multitask and meet deadlines
• Proven ability to document work in accordance with external auditor expectations, with strong attention to detail
• Experience scoping and executing IT operational audits, from planning, risk assessment, and scoping through reporting
• Experience assessing and implementing controls aligned with the NIST Cybersecurity Framework (CSF)
• Experience performing risk and control assessments using NIST framework guidance
• Experience implementing and evaluating controls aligned with the NIST framework
• Experience conducting IT risk assessments using COBIT risk guidance and mapping risks to COBIT control objectives
• Collaborative and flexible team-oriented mindset
• Exceptional written and verbal communication skills, including the ability to synthesize and clearly communicate technical information
• Experience with SAP, data analytics tools, and Audit Board preferred
• Proficiency with Microsoft Office applications, including Excel, PowerPoint, and Word

**We are unable to accommodate corp. to corp. candidates**

About Motus Recruiting and Staffing, Inc:

Founded in 2006, Motus is an award-winning recruiting and staffing firm in the Pacific Northwest, specializing in professional services and technology solutions. We are a group of people who not only recognize the importance of representation, but actively fight for diversity, equity, and inclusion in the recruitment process. Our goal is to educate organizations on the importance of DEI when hiring, promoting, and supporting diverse employees. We are calling organizations to demonstrate their commitment to DEI by being intentional about who they hire.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability or protected veteran status.

AG/BH13965